HIGH🇬🇧 English

CVE-2026-25658

CVSS 7.1v4.0pub. 2026-06-05upd. 2026-06-08

Ericsson Packet Core Gateway (PCG) versions prior to 1.30 contain an Improper Handling of Missing Values (CWE-230) vulnerability where an attacker continuously sending a specially crafted message can cause service degradation. The impact continues as long the attack persists but the system recovers from the crashes when the attack stops.

oryginał EN
CVSS Vector
CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
  • Ericsson Packet Core Gateway

    APP
    Ericsson
    < 1.30
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
CWE
Referencje

Powiązane podatności

CVE-2026-25657HIGH7.1ten sam produkt

Ericsson Packet Core Gateway (PCG) versions prior to 1.30 contain an Improper Handling of Syntactically Invali...

CVE-2026-25659HIGH7.1ten sam produkt

Ericsson Packet Core Gateway (PCG) versions prior to 1.30 contain an Improper Handling of Missing Values (CWE-...

CVE-2026-25660CRITICAL9.3PL ✓ten sam vendor

Ericsson CodeChecker — Authentication Bypass umożliwiający eskalację uprawnień

CVE-2024-10081CRITICAL10.0PL ✓ten sam vendor

Authentication bypass w Ericsson CodeChecker — pełny dostęp do API

CVE-2025-59174HIGH7.1ten sam vendor

Ericsson Packet Core Controller (PCC) versions prior to 1.39 contain a vulnerability where an attacker sending...